SnapReport Shield Integrated Systems

SnapReport Privacy Policy

Effective date: July 12, 2026

This Privacy Policy explains how Shield Recovery, which operates the SnapReport service under the Shield Integrated Systems brand (collectively, “SnapReport,” “we,” “us,” or “our”), collects, uses, discloses, retains, and protects information through the SnapReport mobile application, web application, company dashboard, platform-administration tools, and related services (the “Service”).

1. Scope and roles

SnapReport is a business workplace platform used by companies and their authorized personnel.

This Policy applies to:

A Customer generally determines which personnel may use its account, what roles they have, whether optional shift-location tracking is enabled, and how Customer Data is used in its operations. For personal information processed on a Customer’s instructions, the Customer is generally the business, controller, or responsible employer, and SnapReport acts as its service provider or processor. SnapReport may act as an independent business or controller for information used to operate, secure, bill, support, and improve the Service.

2. Information we collect

2.1 Account and identity information

We may collect names, email addresses, roles, company affiliations, invitation information, account status, authentication identifiers, and related account records. Field Users may authenticate through a company-specific PIN or another authentication method enabled for their Customer.

2.2 Precise location and shift-location information

With device permission, the Service may collect precise GPS coordinates, accuracy measurements, timestamps, and related location information:

Active-shift tracking is intended to stop when the tracked shift ends, tracking is disabled, permission is withdrawn, or the user signs out, subject to normal device and network behavior.

Location data is associated with the applicable Customer, user, report, or shift. It is not made available to unrelated Customers.

2.3 Photos and media

We collect photos captured through the app or selected from the device as part of a report, together with available metadata such as timestamps, file information, and location metadata supplied by the device.

2.4 Job, vehicle, report, and operational content

We may collect vehicle identification numbers, plate or vehicle details, condition information, job assignments, statuses, notes, addresses, timestamps, signatures or acknowledgments if enabled, and other text or media submitted through the Service.

2.5 Communications

We collect messages sent through shift chat or other in-app communication features, support requests, feedback, and communications sent to us.

2.6 Device, network, and technical information

We may collect device model, operating system and version, app version, browser type, IP address, session information, crash and diagnostic data, request logs, security events, and similar technical information needed to operate and protect the Service.

2.7 Authentication and security information

We collect account identifiers, session information, login events, failed authentication attempts, PIN-attempt records, and security signals. PINs are intended to be cryptographically hashed rather than stored in readable plain text, and authentication attempts may be rate-limited or blocked for security.

2.8 Payment and subscription information

If paid plans are offered, payment processors may collect payment-card and billing details directly. SnapReport does not intend to store full payment-card numbers. We may receive limited billing information such as Customer name, billing contact, plan, payment status, invoice status, and renewal information.

2.9 Information from Customers and service providers

We may receive information from a Customer that invites or manages a user, and from vendors that help us provide authentication, hosting, storage, email, monitoring, payment processing, or support.

3. How we use information

We use information to:

We may use aggregated or de-identified information for analytics, security, product improvement, and business planning where it cannot reasonably identify an individual.

We do not use personal information for third-party behavioral advertising. We do not sell personal information, and we do not share personal information for cross-context behavioral advertising as those terms are defined by applicable California law.

4. Legal bases for processing

Where applicable law requires a legal basis, we rely on one or more of the following:

Customers are responsible for providing workplace notices, obtaining any legally required consent, and establishing any other lawful basis required for their collection and use of employee or contractor information through the Service.

5. How we disclose information

We may disclose information as follows:

5.1 Within the Customer’s organization

Authorized owners, administrators, dispatchers, office personnel, and other permitted users of the same Customer may access information according to their assigned roles and the Customer’s configuration. This may include reports, photos, job details, chat messages, and location information connected to the Customer’s operations.

5.2 Service providers

We may disclose information to vendors that provide database hosting, cloud infrastructure, storage, content delivery, email delivery, payment processing, authentication, monitoring, analytics, customer support, and security services. They may process information only to provide services to us, subject to contractual and legal obligations.

5.3 Legal, safety, and enforcement disclosures

We may disclose information when we reasonably believe disclosure is required by law, subpoena, court order, or other lawful process; necessary to protect a person’s safety; needed to investigate fraud, abuse, or a security incident; or appropriate to protect the rights, property, or operations of SnapReport, a Customer, or others.

5.4 Business transactions

Information may be disclosed or transferred in connection with a financing, merger, acquisition, reorganization, sale of assets, change of control, bankruptcy, or similar business transaction, subject to applicable law.

5.5 With direction or consent

We may disclose information when directed by the applicable Customer or user, or with legally valid consent.

6. Precise location and background tracking

Precise geolocation is sensitive information. SnapReport uses it only for operational functions such as report verification and optional active-shift tracking. SnapReport does not use precise location for advertising and does not sell it.

A Customer that enables shift tracking is responsible for:

Users may control device permissions through their operating-system settings. Disabling location permission may prevent location-dependent features from working.

7. Data retention

We retain information only for as long as reasonably necessary for the purposes described in this Policy, subject to the following general schedule:

Data category General retention period
Reports, photos, location, VINs, job records, and related Customer Data While the Customer account is active, followed by a 30-day export period after termination or cancellation; data may then be deleted or de-identified unless a longer period is required by law, an applicable agreement, a Customer instruction, or a legal hold
Account and identity information While the account or Customer relationship remains active, and afterward for the period reasonably necessary to close the account, maintain security records, resolve disputes, or comply with law
Security, audit, login, and PIN-attempt records Generally 12 months, unless a longer period is reasonably necessary for security, fraud prevention, investigation, or legal compliance
Support communications Generally 24 months after the last communication
Billing, transaction, tax, and accounting records For the period required by applicable tax, accounting, and commercial laws, commonly up to seven years
Backups Until removed through normal backup rotation, disaster-recovery, and deletion processes

We may retain information longer when reasonably necessary for litigation, legal process, regulatory obligations, fraud prevention, security investigations, enforcement of agreements, or protection of legal rights.

8. Data access, export, correction, and deletion

A Customer may request access to, correction of, export of, or deletion of Customer Data by contacting shield.snapreport@gmail.com. Individual users may also contact their Customer administrator, who may be able to address the request directly.

We verify identity and authority before fulfilling a request. Where SnapReport processes information solely on behalf of a Customer, we may refer the request to that Customer or assist the Customer in responding. We may deny or limit a request where permitted or required by law, including when information must be retained for legal, security, billing, fraud-prevention, or dispute-resolution purposes.

After termination, the Customer generally has 30 days to request an export. After that period, data may be deleted, de-identified, or made unrecoverable through ordinary retention and backup processes.

9. Security

We use administrative, technical, and organizational safeguards designed to protect information, including encrypted network connections, access controls, credential protection, rate limiting, tenant separation, logging, and least-privilege practices where appropriate.

No method of transmission or storage is completely secure. We cannot guarantee absolute security, uninterrupted availability, or that unauthorized access will never occur. Customers and users are responsible for protecting devices, credentials, PINs, email accounts, and access to their own systems.

If a security incident triggers a legal notification obligation, we will provide notice as required by applicable law.

10. U.S. state privacy rights

Depending on where an individual resides and whether the applicable law covers SnapReport or the relevant Customer, the individual may have rights to request access, correction, deletion, or portability of personal information; obtain information about collection and disclosure; opt out of certain sales, sharing, targeted advertising, or profiling; limit certain uses of sensitive personal information; and appeal a denied request.

SnapReport does not sell personal information or use it for third-party targeted advertising. Precise geolocation is used only as reasonably necessary to provide the Service and related security or legal functions.

California residents may have rights under the California Consumer Privacy Act and California Privacy Rights Act, subject to statutory thresholds, exceptions, and the respective roles of SnapReport and the Customer. California residents will not be discriminated against for exercising applicable privacy rights.

Requests may be sent to shield.snapreport@gmail.com. We may ask for information needed to verify identity, authority, or the Customer relationship. Authorized agents may submit requests where permitted by law, subject to verification.

11. International privacy rights

If the UK GDPR, EU GDPR, or similar law applies, an individual may have rights to access, correct, erase, restrict, object to, or port personal data, withdraw consent where processing is based on consent, and complain to a supervisory authority.

Where a Customer is the controller and SnapReport is its processor, the Customer is primarily responsible for responding to data-subject requests, and SnapReport will provide reasonable assistance as required by applicable law and contract.

12. International transfers

SnapReport and its service providers may process information in the United States and other countries. Where required, we use legally recognized transfer mechanisms and contractual protections intended to protect transferred information.

13. Cookies and local storage

The web portions of the Service may use cookies, local storage, session storage, and similar technologies that are necessary for authentication, security, preferences, and core functionality. We do not currently use these technologies for third-party behavioral advertising.

14. Children

The Service is a workplace and business tool intended only for adults. Users must be at least 18 years old. We do not knowingly collect personal information from anyone under 18. If we learn that we collected such information, we will take reasonable steps to delete it.

15. Automated decision-making

SnapReport does not use personal information to make solely automated decisions that produce legal or similarly significant effects on an individual. Automated security controls, such as temporary rate limits or blocks after repeated failed authentication attempts, are used to protect the Service and are not employment decisions.

16. Third-party services and links

The Service may interact with third-party platforms, device services, mapping providers, hosting providers, payment processors, or external links. Their privacy practices are governed by their own policies. SnapReport is not responsible for the independent privacy practices of third parties.

17. Changes to this Policy

We may update this Policy from time to time. We will revise the effective date when changes are published and provide additional notice where required by law or where a change materially affects how personal information is handled.

18. Contact

Shield Recovery Operating SnapReport under the Shield Integrated Systems brand 1055 Sonoma Blvd, Vallejo, California, United States Email: shield.snapreport@gmail.com

Privacy, data-access, deletion, support, and legal inquiries may be sent to the email address above.